diff options
author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-02-02 11:57:46 +0000 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-02-02 11:57:46 +0000 |
commit | 8d4c157146b37c673bd393b1070dd588f51a3700 (patch) | |
tree | 4ed8cdc0a3825d8a4ac642e9d2f778fa870d1358 /src/libcryptobox | |
parent | 34c51207375ae61c322ca26d6ca98dc93b8bebd5 (diff) | |
download | rspamd-8d4c157146b37c673bd393b1070dd588f51a3700.tar.gz rspamd-8d4c157146b37c673bd393b1070dd588f51a3700.zip |
Reserve rspamd_sig_t for signatures
Diffstat (limited to 'src/libcryptobox')
-rw-r--r-- | src/libcryptobox/cryptobox.c | 20 | ||||
-rw-r--r-- | src/libcryptobox/cryptobox.h | 17 |
2 files changed, 20 insertions, 17 deletions
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c index 4b4cd4da1..5f0bb3b64 100644 --- a/src/libcryptobox/cryptobox.c +++ b/src/libcryptobox/cryptobox.c @@ -590,7 +590,7 @@ rspamd_cryptobox_encrypt_final (void *enc_ctx, guchar *out, gsize remain) } static gboolean -rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_sig_t sig) +rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_mac_t sig) { if (G_LIKELY (!use_openssl)) { poly1305_finish (auth_ctx, sig); @@ -604,7 +604,7 @@ rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_sig_t sig) EVP_CIPHER_CTX *s = auth_ctx; g_assert (EVP_CIPHER_CTX_ctrl (s, EVP_CTRL_GCM_GET_TAG, - sizeof (rspamd_sig_t), sig) == 1); + sizeof (rspamd_mac_t), sig) == 1); return TRUE; #endif @@ -757,10 +757,10 @@ rspamd_cryptobox_decrypt_final (void *enc_ctx, guchar *out, gsize remain) } static gboolean -rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_sig_t sig) +rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_mac_t sig) { if (G_LIKELY (!use_openssl)) { - rspamd_sig_t mac; + rspamd_mac_t mac; poly1305_finish (auth_ctx, mac); @@ -808,7 +808,7 @@ rspamd_cryptobox_cleanup (void *enc_ctx, void *auth_ctx) void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, const rspamd_nm_t nm, - rspamd_sig_t sig) + rspamd_mac_t sig) { gsize r; void *enc_ctx, *auth_ctx; @@ -848,7 +848,7 @@ void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, gsize cnt, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_sig_t sig) + const rspamd_nm_t nm, rspamd_mac_t sig) { struct rspamd_cryptobox_segment *cur = segments, *start_seg = segments; guchar outbuf[CHACHA_BLOCKBYTES * 16]; @@ -949,7 +949,7 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, const rspamd_nm_t nm, const rspamd_sig_t sig) + const rspamd_nonce_t nonce, const rspamd_nm_t nm, const rspamd_mac_t sig) { gsize r = 0; gboolean ret = TRUE; @@ -979,7 +979,7 @@ rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_sig_t sig) + const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; gboolean ret; @@ -995,7 +995,7 @@ rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig) + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; @@ -1008,7 +1008,7 @@ void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segments, gsize cnt, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig) + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h index 4a3d1e1f7..8673fa091 100644 --- a/src/libcryptobox/cryptobox.h +++ b/src/libcryptobox/cryptobox.h @@ -39,6 +39,9 @@ struct rspamd_cryptobox_segment { #define rspamd_cryptobox_HASHBYTES 64 #define rspamd_cryptobox_HASHKEYBYTES 64 #define rspamd_cryptobox_HASHSTATEBYTES 256 +#define rspamd_cryptobox_MAX_SIGSKBYTES 64 +#define rspamd_cryptobox_MAX_SIGPKBYTES 32 +#define rspamd_cryptobox_MAX_SIGBYTES 64 #define CPUID_AVX2 0x1 #define CPUID_AVX 0x2 @@ -50,7 +53,7 @@ struct rspamd_cryptobox_segment { typedef guchar rspamd_pk_t[rspamd_cryptobox_MAX_PKBYTES]; typedef guchar rspamd_sk_t[rspamd_cryptobox_MAX_SKBYTES]; -typedef guchar rspamd_sig_t[rspamd_cryptobox_MAX_MACBYTES]; +typedef guchar rspamd_mac_t[rspamd_cryptobox_MAX_MACBYTES]; typedef guchar rspamd_nm_t[rspamd_cryptobox_MAX_NMBYTES]; typedef guchar rspamd_nonce_t[rspamd_cryptobox_MAX_NONCEBYTES]; typedef guchar rspamd_sipkey_t[rspamd_cryptobox_SIPKEYBYTES]; @@ -86,7 +89,7 @@ void rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk); */ void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig); + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -99,7 +102,7 @@ void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segments, gsize cnt, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig); + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig); /** @@ -113,7 +116,7 @@ void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segment */ gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_sig_t sig); + const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -125,7 +128,7 @@ gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, */ void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_sig_t sig); + const rspamd_nm_t nm, rspamd_mac_t sig); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -138,7 +141,7 @@ void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, gsize cnt, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_sig_t sig); + const rspamd_nm_t nm, rspamd_mac_t sig); /** @@ -152,7 +155,7 @@ void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segm */ gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, const rspamd_sig_t sig); + const rspamd_nm_t nm, const rspamd_mac_t sig); /** * Generate shared secret from local sk and remote pk |